[ MDVSA-2009:096 ] printer-drivers

[dude67]

_______________________________________________________________________

Package : printer-drivers
Date : April 24, 2009
Affected: Corporate 3.0
_______________________________________________________________________

Problem Description:

A buffer underflow in Ghostscript's CCITTFax decoding filter allows
remote attackers to cause denial of service and possibly to execute
arbitrary by using a crafted PDF file (CVE-2007-6725).

Multiple interger overflows in Ghostsript's International Color
Consortium Format Library (icclib) allows attackers to cause denial
of service (heap-based buffer overflow and application crash) and
possibly execute arbirary code by using either a PostScript or PDF
file with crafte embedded images (CVE-2009-0583, CVE-2009-0584).

Multiple interger overflows in Ghostsript's International Color
Consortium Format Library (icclib) allows attackers to cause denial
of service (heap-based buffer overflow and application crash) and
possibly execute arbirary code by using either a PostScript or PDF
file with crafte embedded images. Note: this issue exists because of
an incomplete fix for CVE-2009-0583 (CVE-2009-0792).

This update provides fixes for that vulnerabilities.
_______________________________________________________________________

References:

http://cve.mitre.org/cgi-bin/cvename.cg ... -2007-6725
http://cve.mitre.org/cgi-bin/cvename.cg ... -2009-0583
http://cve.mitre.org/cgi-bin/cvename.cg ... -2009-0584
http://cve.mitre.org/cgi-bin/cvename.cg ... -2009-0792
_______________________________________________________________________